Bill Royds wrote:
> If you can find the list of open ports THROUGH a firewall, then you need
> to replace the firewall. It has failed in its main task. The only way one
> should find out about open ports on a server is to be in the same
> protection domain as the server.
>
Bollocks. That may be the case in some setups, but there are clearly going
to be situations where a firewall, which may amount to as much as a
screening router, will let traffic through, hopefully but not necessarily to
specific servers and services. Now if your servers have open ports that the
firewall should prevent outsiders from accessing, that's an entirely
different story.
Tobias
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
